Security alert for Gmail accounts as users urged to change your password now
Google has issued a new warning to Gmail users after reports emerged that millions of passwords were compromised in a huge data breach - here's what you need to know
A fresh warning has been issued to all Gmail users and it might be the perfect time to review and strengthen account security. Google has just shared some extremely helpful guidance following reports that millions of passwords were compromised in a massive data breach.
While it has since been confirmed that it wasn't a direct attack on Gmail, it doesn't mean anyone should become complacent.
In fact, Google says that Gmail users worried about their accounts should consider adding "2-step verification" and think about "resetting passwords" without delay.
So, how do you know if your account is at risk?
Initial reports of a Gmail breach started emerging after Troy Hunt, creator of the Have I Been Pwned website, released an update about ongoing cyber attacks. This complimentary service allows users to verify if their accounts have been compromised and determine if an update is needed to stay protected, reports the Express.
The latest information from Have I Been Pwned indicates that over 180 million passwords have now been exposed online. It's a staggering figure and is clearly alarming.
However, Gmail itself hasn't been targeted, but due to its enormous popularity, a massive number of accounts that have Gmail addresses linked to them are part of the recent leak. To ensure your safety, the first step is to visit Have I Been Pwned and input your email address.
You'll then be shown how many breaches your account has been involved in. If you see a red flag, it's time to make some changes and heed Google's latest advice.
Google clarified the recent hacking news and ensuing confusion in a post on X, stating:
"Reports of a 'Gmail security breach impacting millions of users' are false. Gmail's defenses are strong, and users remain protected.
"The inaccurate reports are stemming from a misunderstanding of infostealer databases, which routinely compile various credential theft activity occurring across the web.
"It's not reflective of a new attack aimed at any one person, tool, or platform.
"Users can protect themselves from credential theft by turning on 2-step verification and adopting passkeys as a stronger and safer alternative to passwords, and resetting passwords when they are found in large batches like this."
This is sound advice since the stronger the password, the less likely crooks will gain access to personal data. When creating a new password, always try to include capital letters, numbers, and symbols as these all make it harder to crack.
For instance, if your current password is liverpool, you can instantly enhance it by changing it to something like L1verp@ol.
Another crucial step is to enable the 2-step verification setting. This feature ensures that no accounts can be accessed without the login being verified on a secondary device.